Free · No account · Instant results

Is Your Website Defenseless?

Attackers can forge emails from your domain, your SSL could be expiring, and your site may be missing critical security headers — right now. Find out in 30 seconds, free.

DNS-based · no data storedAll checks run in parallelPlain-English results

Five Layers of Security

Analyzed instantly, explained in plain English

Email Authentication

SPF, DKIM, and DMARC — the trio that stops email spoofing attacks cold.

Email fraud, BEC scams

SSL / TLS Certificate

Expiry, protocol version, and HTTP redirect — your site's encryption layer.

Data interception, warnings

Security Headers

6 free browser protections most sites are missing — stops XSS and clickjacking.

Script injection, clickjacking

Blacklist Status

Check 4 major blocklists to ensure your emails aren't silently blocked.

Email delivery failure

Technology Stack

Detect your CMS, framework, server, and hosting — know what's running and if it's up to date.

Outdated software, known CVEs

Common Questions

What is DMARC and why does my business need it?

DMARC (Domain-based Message Authentication, Reporting & Conformance) is a DNS record that tells receiving mail servers what to do with emails claiming to be from your domain. Without it, anyone can send phishing emails impersonating your business — a technique behind billions in annual fraud losses. DMARC, combined with SPF and DKIM, forms a complete email authentication system.

How often should I scan my domain?

Run a scan whenever you change email providers, update DNS records, or add new services. Monthly scans are good practice — SSL certificates expire, and mail server IPs can end up on blocklists without warning.

Can DarkHorse IT fix the issues found?

Yes. Our team specializes in exactly these configurations. Most email authentication issues can be resolved within 24–48 hours. We also offer ongoing monitoring so you're alerted before issues affect your operations.

Is this scan safe? Will it affect my website?

Completely safe. We only read publicly available DNS records and make standard HTTPS requests — the same as any browser visiting your site. We don't store your domain name or any scan data.